The easiest way to to provide free Let's Encrypt SSL security for IIS website is to use letsencrypt-win-simple tool.
- Download and extract letsencrypt-win-simple to a folder on your IIS server
- Run letsencrypt.exe and follow a simple command line wizard:
- Provide email address for certificate expiration notifications
- Select which ISS website you will be securing. Make sure your website has a correct host name in IIS Site Bindings. It will be used as the SSL certificate subject name.
That's pretty much it! letsencrypt-win-simple script will automatically request, download, and enable SSL certificate for the specified IIS website. Private key and other relevant files will be saved to C:\Users\Administrator\AppData\Roaming\letsencrypt-win-simple
The tool will also create a scheduled task that will run letsencrypt.exe --renew at 9am every day and automatically renew the certificate when it's about to expire. You may just want to modify the scheduled task to make sure it runs regardless of whether a user is logged on or not.
Windows Server 2008R2